redirect-manager: Verify type of returned gateway ID
authorTobias Brunner <tobias@strongswan.org>
Wed, 22 Apr 2015 12:19:54 +0000 (14:19 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 4 Mar 2016 15:02:58 +0000 (16:02 +0100)
src/libcharon/sa/redirect_manager.c

index dfc71e1..e37c26f 100644 (file)
@@ -75,7 +75,18 @@ static bool should_redirect(private_redirect_manager_t *this, ike_sa_t *ike_sa,
                bool (**method)(void*,ike_sa_t*,identification_t**) = provider + offset;
                if (*method && (*method)(provider, ike_sa, gateway))
                {
-                       redirect = TRUE;
+                       switch (*gateway ? (*gateway)->get_type(*gateway) : 0)
+                       {
+                               case ID_IPV4_ADDR:
+                               case ID_IPV6_ADDR:
+                               case ID_FQDN:
+                                       redirect = TRUE;
+                                       break;
+                               default:
+                                       DBG1(DBG_CFG, "redirect provider returned invalid gateway");
+                                       DESTROY_IF(*gateway);
+                                       continue;
+                       }
                        break;
                }
        }